package cn.czg.cms.config;

import cn.dev33.satoken.interceptor.SaInterceptor;
import cn.dev33.satoken.router.SaRouter;
import cn.dev33.satoken.stp.StpUtil;
import lombok.AllArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;

/**
 * 权限安全配置
 *
 * @author Lion Li
 */

@Slf4j
@Configuration
@AllArgsConstructor
public class SecurityConfig implements WebMvcConfigurer {


    /**
     * 注册sa-token的拦截器
     */
    @Override
    public void addInterceptors(InterceptorRegistry registry) {
        registry.addInterceptor(new SaInterceptor(handler -> {

                    SaRouter
                            .match("/api/**")    // 拦截所有 /api/ 开头的接口
                            .check(StpUtil::checkLogin);
                }))
                .addPathPatterns("/api/**")     // ✅ 只添加拦截器路径为 /api/**
                .excludePathPatterns(
                        "/**/*.html",
                        "/**/*.css",
                        "/**/*.js",
                        "/favicon.ico",
                        "/error",
                        "/*/api-docs",
                        "/*/api-docs/**",
                        "/warm-flow-ui/config",
                        "/api/user/register",
                        "/api/user/login",
                        "/api/user/exists",
                        "/ws/**"
                );
    }


}
